Tega Industries Limited Hit by LockBit 3.0 Ransomware

Incident Date:

May 9, 2024

World map

Overview

Title

Tega Industries Limited Hit by LockBit 3.0 Ransomware

Victim

Tega Industries Limited

Attacker

Lockbit3

Location

Kolkata, India

, India

First Reported

May 9, 2024

Ransomware Attack on Tega Industries Limited

Victim Profile

Tega Industries Limited, a global leader in designing and manufacturing critical consumables for the mining, mineral processing, and material handling industries, fell victim to a cyberattack by the LockBit 3.0 ransomware group. Founded in 1976 by Mr. Madan Mohan Mohanka, the company is headquartered in Kolkata, India, and operates in over 70 countries. Tega Industries specializes in providing mill liners, hydrocyclones, wear products, chutes, conveyor components, and screening products to cater to the diverse needs of the mining and mineral processing industries.

Company Overview

The company has manufacturing facilities in India, Australia, Chile, and South Africa, with a strong commitment to quality and innovation. The company holds certifications in ISO 9001:2015 for Integrated Management System and ISO 14001:2015 for Quality and Environment, showcasing its dedication to excellence in product design and manufacturing.

Standout Features

With over 700 customers globally, Tega Industries is known for its robust research and development efforts, quality control measures, and customer engagement strategies. The company's products are designed to enhance the efficiency and productivity of mining and material handling operations, making it a preferred partner in the industry.

Vulnerabilities

Despite its strong presence and reputation in the industry, Tega Industries Limited faced vulnerabilities that made it a target for threat actors like the LockBit 3.0 ransomware group. The company's extensive network across multiple countries and its valuable data related to accounting, human resources, and invoices made it an attractive target for cybercriminals seeking to exploit sensitive information for financial gain.

Ransomware Group Distinction

The LockBit 3.0 ransomware group distinguishes itself by operating under a Ransomware-as-a-Service (RaaS) model, actively recruiting affiliates to expand its reach and target a wide range of businesses and critical infrastructure organizations. LockBit 3.0, also known as LockBit Black, is considered one of the most dangerous and disruptive ransomware threats due to its advanced encryption capabilities, obfuscation techniques, and evasive features that make it challenging to detect and defend against.

Sources:

Recent Ransomware Attacks

The Recent Ransomware Attacks (RRA) site acts as a watchtower, providing you with near real-time ransomware tracking of attacks, groups and their victims. Given threat actors’ overarching, lucrative success so far, ransomware attacks have become the most ubiquitous, and financially and informationally impactful cyber threat to businesses and organizations today.

The site’s data is generated based on hosting choices of real-world threat actors, and a handful of other trackers. While sanitization efforts have been taken, we cannot guarantee 100% accuracy of the data. Attack updates will be made as source data is reported by reputable sources. By viewing, accessing, or using RRA you acknowledge you are doing so at your own risk.